Proposal for Simplified Security Model for Small and Medium Business

Authors

Gonçalo Manoel da Silva Neto, UFRPEFollow
Gliner Dias Alencar, UFPE, IBGEFollow
Anderson Apolonio Lira Queiroz, Instituto Federal de Educação, Ciência e Tecnologia do Rio Grande do Norte (Campus Santa Cruz)Follow

Document Type

Article

Publication Date

5-2015

Keywords

Information Security. Small and Medium Business. Information Security Model. Information Security Standards

Abstract

The adoption of information security model, implementation of policies and fitness for any information security standard is rare for Small and Medium Enterprises (SMEs) because, often, the complexity of the rules. As these organizations contribute to much of the national economy, being the largest employers in Brazil, it was necessary to research ways to try to fill the gap. For this purpose the present study analyzed with real sample of 48 SMEs, through a questionnaire, which the vision of information security for SMEs and proposed a model simplifying controls 133 of ISO / IEC 27002 for just 22. This simplified model was , later also validated via questionnaire with ICT professionals in SMEs.

Comments

This paper is in Portuguese (Proposta de Modelo de Segurança Simplificado para Pequenas e Médias Empresas)

Recommended Citation

da Silva, Gonçalo Manoel Neto; Alencar, Gliner Dias; and Queiroz, Anderson Apolonio Lira, "Proposal for Simplified Security Model for Small and Medium Business" (2015). Proceedings of the XI Brazilian Symposium on Information Systems (SBSI 2015). 61.
https://aisel.aisnet.org/sbis2015/61